budibase/packages/server/src/api/routes/permission.js

const Router = require("@koa/router")
const controller = require("../controllers/permission")
const authorized = require("../../middleware/authorized")
const {
  BUILDER,
  PermissionLevels,
} = require("../../utilities/security/permissions")
const Joi = require("joi")
const joiValidator = require("../../middleware/joi-validator")

const router = Router()

function generateAddValidator() {
  const permLevelArray = Object.values(PermissionLevels)
  // prettier-ignore
  return joiValidator.body(Joi.object({
    permissions: Joi.object()
      .pattern(/.*/, [Joi.string().valid(...permLevelArray)])
      .required()
  }).unknown(true))
}

function generateRemoveValidator() {
  // prettier-ignore
  return joiValidator.body(Joi.object({
    permissions: Joi.array().items(Joi.string())
  }).unknown(true))
}

router
  .get("/api/permission/builtin", authorized(BUILDER), controller.fetchBuiltin)
  .get("/api/permission/levels", authorized(BUILDER), controller.fetchLevels)
  .patch(
    "/api/permission/:roleId/add",
    authorized(BUILDER),
    generateAddValidator(),
    controller.addPermission
  )
  .patch(
    "/api/permission/:roleId/remove",
    authorized(BUILDER),
    generateRemoveValidator(),
    controller.removePermission
  )

module.exports = router
Changing the role system to have permissions integrated rather than the permissions being per user. 2020-12-02 18:08:25 +01:00			`const Router = require("@koa/router")`
			`const controller = require("../controllers/permission")`
			`const authorized = require("../../middleware/authorized")`
Initial work towards rbac. 2021-02-05 16:58:25 +01:00			`const {`
			`BUILDER,`
			`PermissionLevels,`
			`} = require("../../utilities/security/permissions")`
			`const Joi = require("joi")`
			`const joiValidator = require("../../middleware/joi-validator")`
Changing the role system to have permissions integrated rather than the permissions being per user. 2020-12-02 18:08:25 +01:00
			`const router = Router()`

Initial work towards rbac. 2021-02-05 16:58:25 +01:00			`function generateAddValidator() {`
			`const permLevelArray = Object.values(PermissionLevels)`
			`// prettier-ignore`
			`return joiValidator.body(Joi.object({`
			`permissions: Joi.object()`
			`.pattern(/.*/, [Joi.string().valid(...permLevelArray)])`
			`.required()`
			`}).unknown(true))`
			`}`

			`function generateRemoveValidator() {`
			`// prettier-ignore`
			`return joiValidator.body(Joi.object({`
			`permissions: Joi.array().items(Joi.string())`
			`}).unknown(true))`
			`}`

			`router`
			`.get("/api/permission/builtin", authorized(BUILDER), controller.fetchBuiltin)`
			`.get("/api/permission/levels", authorized(BUILDER), controller.fetchLevels)`
			`.patch(`
			`"/api/permission/:roleId/add",`
			`authorized(BUILDER),`
			`generateAddValidator(),`
			`controller.addPermission`
			`)`
			`.patch(`
			`"/api/permission/:roleId/remove",`
			`authorized(BUILDER),`
			`generateRemoveValidator(),`
			`controller.removePermission`
			`)`
Changing the role system to have permissions integrated rather than the permissions being per user. 2020-12-02 18:08:25 +01:00
			`module.exports = router`